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IN THE CLAIMS 

Please cancel claims 10-12, 22-24 and 30. 
Please amend claims 1, 13, 18, 25 and 28. 



1 . (Currently amended) A method comprising: 

dividing a virtual machine) monitor (VMM) into a first portion and a second portion; 

locating fee a second portion of the a virtual machine monitor (V MM) in a second 
address space associated with the VMM; 

mapping the a first portion of the VMM into a first address space and the second address 

\ space, the first address space being associated with fee a guest operating system; 

> 

detecting that the guest operating system attempts to access a region occupied by the first 
portion of the VMM within the first address space; 

if determining that no unused region exists within the first address space, selecting a 
random region within the first address space, copying content of a memory located at the random 
region to the second address space, re-mapping the first portion of the VMM into the random 
region^ and accessing the copied content of the memory in the second address space if detecting 
an attempt of the guest operating system to access the content of the memory previously located 
at the random region; and 

periodically relocating the first portion of the VMM within the first address space until 
finding a region that is infrequently used to - allow th e guogt - ^orating Gvotom to accooo the region 
pr e viously occupi e d by th e first portion of th e VMM . 
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2. (Original) The method of claim 1 wherein the first portion of the VMM includes a set of 
VMM code and data structures that are architecturally required to reside in the first address 
space. 

3. (Original) The method of claim 1 wherein the first portion of the VMM includes a set of 
trap handlers and an interrupt-<iescriptor table (IDT). 



Jo. (Original) The method of claim 1 further comprising: 

receiving control over an event initiated by the guest operating system when the event 
may potentially cause an address space conflict between the guest operating system and the 
VMM. 



X- (Original) The method of claim wherein receiving control further comprises: 

setting access rights of the section occupied by the first portion of the VMM to a more 

privileged level than a privilege level associated with the guest operating system; and 

receiving a trap caused by an attempt of the guest operating system to access a hardware 

resource having a higher privilege level than the privilege level associated with the guest 

operating system. 

<y 4 

Pf. (Original) The method of claim ^further comprising: 

determining that the trap can be handled by the first portion of the VMM; 

executing code associated with the trap; and 

returning control over the event to the guest operating system. 
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(Original) The method of claim ^further comprising: 

determining that the trap should be handled by the second portion of the VMM; 
delivering the trap to the second portion of the VMM; 

passing control over the event to the guest operating system after code associated with the 
trap was executed by the second portion of the VMM. 

(Previously presented) The method of claim 1 wherein relocating the first portion of the 
VMM comprises: 

finding an unused region within the first address space; and 
re-mapping the first portion of the VMM into the unused region. 

Cancelled* 

Cancelled, 

Cancelled. 

(Currently amended) An apparatus comprising: 
a first address space associated with a guest operating system; 
a second address space associated with a virtual machine monitor (VMM); and 
a virtual machine kernel to divide the VMM into a first portion and a sooond portion, to 
locate the a second portion of the VMM in the second address space, to map the a first portion of 
the VMM into the first address space and the second address space, to detect that the guest 
operating system attempts to access a region occupied by the first portion of the VMM within the 




42390.P9768 4 

Received from < 408 720 9397 > at 911 7103 6:57:49 PM [Eastern Daylight Time] 



09/17/2003 13:29 FAX 408 720 9397 



BST&Z 



@008 



-ft 



first address space, to determine that no unused region exists within the first address space, to 
select a random region within the first address space, to copy content of a memory located at the 
random region to the second address space, to re-map the first portion of the VMM into the 
random region, to access the copied content of the memory in the second address space if 
detecting an attempt of the guest operating system to access the content of the memory 
previously located at the random region, and to periodically relocate the first portion of the 
VMM within the first address space until finding a region that is infrequently used to allow th e 
gu e st operating sy s tem to qocoss tho rogion proviouoly occupied by the firGt portion of tho VMM . 

J4T (Original) The apparatus of claim J^wherein the first portion of the VMM includes a set 
of VMM code and data structures that are architecturally required to reside in the first address 
space. 

ii 9 

yf. (Original) The apparatus of claim i3^wherein the first portion of the VMM includes a set 
of trap handlers and an interrupt-descriptor table (IDT). 

}ff! (Original) The apparatus of claim J#wherein the virtual machine kernel is to receive 
control over an event initiated by the guest operating system when the event may potentially 
cause an address space conflict between the guest operating system and the VMM. 

U IK 

Mf. (Previously presented) The apparatus of claim jWwherein the virtual machine kerne] is to 
receive control by setting access rights of the section occupied by the first portion of the VMM 
to a more privileged level than a privilege level associated with the guest operating system, and 
by receiving a trap caused by an attempt of the guest operating system to access a hardware 
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resource having a higher privilege level than the privilege level associated with the gaest 
operating system. 

(Original) The apparatus of claim >5 wherein the virtual machine kernel is to further 
determine that the trap can be handled by the first portion of the VMM, to execute code 
associated with the trap, and to return control over the event to the guest operating system. 

(Original) The apparatus of claim ,1c wherein the virtual machine kernel is to further 
determine that the trap should to handled by the second portion of the VMM, to deliver the trap 
to the second portion of the VMM, and to pass control over the event to the guest operating 
system after code associated with the trap was executed by the second portion of the VMM, 

2*. (Original) The apparatus of claim Jo wherein the virtual machine kernel is to relocate the 
first portion of the VMM by finding an unused region within the first address space and re- 
mapping the first portion of the VMM into the unused region. 

22. Cancelled. 



23. 



Cancelled. 



24. 

3 



Cancelled. 



(Currently amended) A system comprising: 
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a memory to include a first address space associated with a guest operating system and a 
second address space associated with a virtual machine monitor (VMM); and 

a processor, coupled to the memory, to divid e the VMM into a first portion and a second 
portion, to locate the a second portion of the VMM in the second address space, to map the a first 
portion of the VMM into the first address space and the second address space, to detect that the 
guest operating system attempts to access a region occupied by the first portion of the VMM 
within the first address space, to determine that no unused region exists within the first address 
space, to select a random region within the first address space, to copy content of a memory 
located at the random region to the second address space, to re-map the first portion of the VMM 
into the random region, to access the copied content of the memory in the second address space 
if detecting an attempt of the guest operating system to access the content of the memory 
previously located at the random region, a nd to periodically relocate the first portion of the 
VMM within the first address space until finding a region that is infrequently used to allow tho 
guoot operating sy s tem to acc e ss the r e gion previously occupied by tho first portion of tho VMM. 

it a 

26. (Original) The system of claim 23* wherein the first portion of the VMM includes a set of 
VMM code and data structures that are architecturally required to reside in the first address 
space. 

JJ 0 

(Original) The system of claim .29 wherein the first portion of the VMM includes a set of 
trap handlers and an interrupt-descriptor table (IDT). 

2& (Currently amended) A computer readable medium that provides instructions, which 
when executed on a processor, cause said processor to perform operations comprising: 
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dividing a virtual machin e monitor (VMM) into a first portion and a second portion; - 
locating the a second portion of the VMM in a second address space associated with the 

VMM; 

mapping the a first portion of the VMM into a first address space and the second address 
space, the fiT^t address space being associated with thfc a guest operating system; 

detecting that the guest operating system attempts to access a region occupied by a the 
first portion of the VMM within a the first address space; 

if determining that no unused region exists within the first address space, selecting a 
random region within the first address space, copying content of a memory located at the random 
region to the second address space, re-mapping the first portion of the VMM into the random 
region, and accessing the copied content of the memory in the second address space if detecting 
I an attempt of the guest operating system to access the content of the memory previously located 



at the random region; and 

periodically relocating the first portion of the VMM within the first address space until 
finding a region that is infrequently used to allow the guest operating system to acc e so the rogion 
previously occupi e d by tho firot portion of th e VMM . 




(Original) The computer readable medium of claim.3^comprising further instructions 




causing the processor to perform operations comprising: 



finding an unused region within the first address space; and 



re-mapping the first portion of the VMM into the unused region. 



P30. 



Cancelled. 
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